CVE-2024-20287— Cisco Business Wireless Access Points 安全漏洞

N/A

A vulnerability in the web-based management interface of the Cisco WAP371 Wireless-AC/N Dual Radio Access Point (AP) with Single Point Setup could allow an authenticated, remote attacker to perform command injection attacks against an affected device. This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface of an affected system. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the device. To exploit this vulnerability, the attacker must have valid administrative credentials for the device.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

参数注入或修改

Cisco Business Wireless Access Points 安全漏洞

Cisco Business Wireless Access Points是美国思科（Cisco）公司的商用无线接入解决方案。 Cisco WAP371 Wireless-AC/N Dual Radio Access Point 存在安全漏洞，该漏洞源于基于 Web 的管理界面中存在漏洞，可能允许经过身份验证的远程攻击者对受影响的设备执行命令注入攻击。

N/A

N/A